THE TERASTREAM IPv6 NATIVE NETWORK ARCHITECTURE
How to build a modern service provider using IP v 6 and Optics
Ian Farrer, Deutsche Telekom AG
12-Sep-2012
© Deutsche Telekom AG, 2012 2
One truly converged network - de-layered, IP and Optical are one, bits over wavelengths, digital over analog
The same technology for LAN and WAN - for LAN: IP packets in Home, Office, Data Center; for WAN: IP packets in Metro, Country, Continent
Digital services for consumers and businesses - communication, information, cloud-compute and -storage
Real-time OSS - instantaneous service provisioning, guaranteed good user experience
Cloud-era economics - service flexibility, fast-paced innovation, agile implementation, reduced system complexity, lower cost
Stay with the IP Internet Architecture using IPv6 for all functions and services Have a standardized toolbox, “services in the data center”
Standard computers instead of specialized appliances
Look forward, what can we do, not backwards what we used to do No L1, L2, L3 dependencies
No “best effort” you get what you pay for (Best effort is just a service class..)
TeraStream
Packet Cloud Architecture Fundamentals
12-Sep-2012
© Deutsche Telekom AG, 2012 Axel Clauberg 3
Principle Applied to TeraStream design
Reduce the amount of technologies used Use IP and optical transmission only No OTN, L2, MPLS switching
Use IPv6 for all internal functions and
services No native IPv4 support in the network
IPv4 is a service
IPv6 based “carrier Ethernet service”
Avoid internal interfaces Minimize non-customer, non-peering facing interfaces Distribute Internet peerings, offload external traffic ASAP
Size the network to handle all IP traffic
without IP packets losses Dimension the network for peak hour IP traffic, no oversubscription, packet loss is extreme exception
Integrate optical networks and IP networks as
much as possible Integrate IP and optical layers into routers to simplify the network, avoid redundant mechanisms e.g. failure handling, reduce total cost
Use one network for all services – Internet, IP
TV, business, … Single converged packet network
Note: Dominant traffic drives the design!
Deterministic and short routing path for all on-
net traffic Network distance between R1 access routers is at most two R2 backbone
routers away and R1 is multi homed to two R2
Service policy for packets are outside the
payload Encode service type, traffic class, direction etc in the IPv6 address
Data Centers are directly connected to
backbone routers DCs connect directly to R2s to avoid building internal IP interfaces for very large amount of traffic
TeraStream Design Principles
THE TERASTREAM ARCHITECTURE
L2:MSAN
OLT Mobile FTTx
xDSL
DWDM
L2 Agg L2 Switch L2 Agg
R1 R1
R2 R2
intern
R1 R1
Infrastructure Cloud Infrastructure Cloud
Node B
R1 R1
R2 R2
12-Sep-2012
© Deutsche Telekom AG, 2012 5
R1
! Terminate access interfaces
! Runs IPv6 routing only, integrates optical
! Access services
! IPv6 - dealt with natively
! IPv4 – IPv4 over IPv6 softwire between HGW / CPE and DC, R1 not involved
! non-IP - L2-over-IPv6 encapsulation
! User configuration
! using Netconf / Yang
! Driven by real-time OSS i.e. self-service portal
All Access
MSAN OLT
LTE
Data Center User
Area
DC
DC
R1 R2
IPv6 Packet Network
IPv6 + Optical IPv6
routing
4o6-swire DC
Peering IPv6 / IPv4 + Optical L2-over-IPv6 Tunnel
IPv6 4o6-swire Non-IP
DC
L2oIPv6 encap
R2
• Connects R1s, Data Centers and Internet peerings
• Runs IPv6 and IPv4 routing, integrates optical
• Closely integrated with Data Centers
Optimized handling of locally sourced services
• High scale IP bandwidth
Data Center / Services
• Distributed design
fully virtualized x86 compute and storage environment
• Network support functions - DNS, DHCP, NMS
• Real-time OSS incl. user self-service portal
• Cloud DC applications, XaaS services
• Complex network services e.g. high- touch subscriber handling
TeraStream key functional elements
Non IP services
TeraStream – Design in a Nutshell
TRANSPORT
10-SEP-2013
© Deutsche Telekom AG, 2013 7
R1 " R2: OPTICAL FIBER LINKS
R1 ! R2 optical fiber links
R2a/b R2b/a
R1 R1 R1 R1 R1 R1
80/96 W DM channels
R2b/a
R2b/a
R2b/a
R1 R1 R1 R1 R1 R1 R1 R1 R1 R1
R1 R1 R1 R1 R1 R1
R1 R1 R1 R1 R1 R1
R1 R1 R1 R1 R1 R1
R1 R1 R1 R1 R1 R1 R1 R1 R1 R1 R1 R1 R1 R1
R1 R1 R1 R1 R1 R1 R1
R1 R1 R1 R1 R1 R1 R1 R1 R1
R1 R1
100G Coherent DWDM Interop and Pluggable Technology
OEO OEO
Vendor A Vendor B Vendor C
Up to 600Km
Optical
Components DSP
FEC
&
Framer
Optical IF Electrical Analog IF
Device IF e.g. CAUI&CEI
System IF e.g. CAUI/CEI
• Agree on a common set of
parameters for the 100G line side
• Enable innovation by many players in the silicon optics arena
• Hard FEC, typ 800km
• If price is right, use in data center
• Coding
• Carrier Recovery
• Acquisition (blind)
• Reach
• Framing (works with both OTU4.4 and OTU4.10)
• Forward Error Correction
(Hard FEC Staircase)
12-Sep-2012
© Deutsche Telekom AG, 2012 9
TeraStream user facing router R1
L2 device:
MSAN, OLT, Eth Swtch
Router
10 GE
(250VLANs)
Max 250 cust. per 10GbE link
•IP traffic shaped to capabilities of L2 device
•5000 customers connections per R1
•20 * 10GE port for L2 device
•4 * 100GE for R2 link R1
per customer queues: 100GE
100GE
100GE 100GE
R2-B R2-A
best- effort audio video reserved
best- effort audio video reserved
traffic shaping per 100GE:
TeraStream user facing router R1
Service Guarantee Architecture Configure per queue:
- Delay - Drop
- Bandwidth
- Reorder
- Etc...
TeraStream Cloud Service Center 10
Traffic flow patterns:
• R1 " Peers and Other R2 going north " south (example: IPv6 Internet traffic)
• R1 " Data Center services going south " east (example: DHCP)
• R1 " Data Center " Peers going south " east " west " north (example: IPv4 Internet traffic)
DNS (local)
R2
Data Center
IMS / SBC DHCP
Lw4o6 (IPv6oIPv6) CDN
DNS (global)
Peering
Other R2 full Mesh
R1
north
south
west east
DC Internal East-West L3
L2 SDN Overlay ? Security Domains:
MZ, DMZ, Exposed Hosts separated, firewalled
R2 router and traffic patterns
21-MAR-2013
© Deutsche Telekom AG, 2013 11
TERASTREAM HOMEGATEWAY PLATFORM
Existing CPE procurement models are far too slow to keep up with the necessary rate of development
The current state of IPv6 support on commercial platforms leaves … room for improvement!
We believe that we are not the only carrier with this problem
DT are currently developing a carrier grade’ CPE software platform Based on OpenWRT, extended with IPv6 and SP functionality
Plan to register this with Linux Foundation A fully open source initiative
We are looking for other interested carriers to build a development community around the platform
So . . .
IPv6
21-MAR-2013
© Deutsche Telekom AG, 2013 13
IPv6 NATIVE NETWORKING
IPv6 is fundamental, not an Afterthought
A new network - designed from the ground up specifically for IPv6
IPv6 for ALL internal interfaces (incl. management, control plane etc) – with just a bit of IS-IS for IGP
Treat IPv6 as a new protocol – It can be much more than just ‘IPv4, but bigger’
Don’t let native IPv4 into the network No Dual-Stack
Treat IPv4 as a long-tail overlay service – (more on this later)
Once you let ANY IPv4 into the design, you’ll never get rid of it!
21-MAR-2013
© Deutsche Telekom AG, 2013 14
SERVICE DIFFERENTIATION BASED ON ADDRESSES USING IPv6 ADDRESS SPACE AS LABELS
Provider (56 bits)
Subnet (8) UserUser – Host (64 bits)
Network Structure bits Servicebits
Registry/IANA Assigned
P Public 0=SP-intern, 1=extern
I Infrastructure 0=end user, 1=infrastructure packet E Endpoint/Service 0=endpoint, 1=service
SSS Service Type 0=res, 1=internet, 4=video, 5=L2, 6=voice, 7=mgmt
M 0=fixed, 1=mobile endpoint
Examples: Source Destination
PIESSS PIESSS
---
User -> IMS 000110 011110
IMS -> User 011110 000110
User -> User (best effort) X00001 X00001 User -> Internet (best effort)100001 XXXXXX Internet -> User (best effort)XXXXXX 100001
Lan-Lan service 010101 010101
21-MAR-2013
© Deutsche Telekom AG, 2013 15
MULTIPLE PREFIXES ON THE CLIENT…
Brings benefits, but also a new (old!) problem
The Solution? - “Prefix Colouring”
! Adds additional metadata to DHCP prefix allocations
! Allows applications and users to select a source prefix based on this metadata
! Source address selection is decoupled from the destination address prefix matching
! Can also help with source address selection in multi-homing deployments
! Described in ‘draft-lepape-6man-prefix-metadata’
Current source address mechanisms are based on variants of longest source/destination prefix matching policy
! This places constraints on your addressing architecture
! Often require additional policy to be provisioned to the client
! Doesn’t give users or applications information about the ‘properties’ or ‘suitability’ of a prefix for use How do you ensure that the client selects the right source address for each different service?
Home network with video class service
In this example, two different services are being run on the same network.
The service provider wishes that traffic is sourced from different prefixes by the home network clients for Video on demand service as against general Internet access
The homenet has several prefixes delegated – (potentially one each for voice, video and Internet)
This example show
Set Top box
Video Service Prefix Class: Internet (e.g. 0)
http://datatracker.ietf.org/doc/draft-lepape-6man-prefix-metadata/
Prefix Class: Video(e.g. 10)
21-MAR-2013
© Deutsche Telekom AG, 2013 17
IPv4 AS A SERVICE – LIGHTWEIGHT 4o6 SOFTWIRES
21-MAR-2013
© Deutsche Telekom AG, 2013 17
R1 R2
Home Network
v4 CPE
host v4
Internet v6
Lightweight 4o6 Softwire Tunnel
Concentrator (lwAFTR)
Infrastructure Cloud
v4
IPv4 in IPv6 Softwire Tunnel
Customer connection usage example
L2 device:
MSAN, OLT, EthSwtch R1
Scenario: New customer connects to DT IP Infrastructure
1) Customer connects his device, generates IPv6 packet and forwards them to R1
2) R1 receives the IP packet and recog nizes a VLAN as not “in serv ice”
3) IP packet is encapsulated at R1, wit h the IPv6 informing the VLA N / L2 d ev ice from where the request came from, and forwards it to Data Center
4) Data center respond s w ith DHCP or Web server.
Customer can only reach the walled garden.
Router
R2
VLAN per customer
10GbE
Server (at R2) LocalIPv6
IP pa cket IP packet
Data Center
NetConf/
Yang
Max 250 cust. per 10GbE link
inservice customer MAC
Scenario: customer registers
1) Web server at Data Center generates a request to OSS to configure a new customer via NetConf / Yang at router R1, Line ID.
2) The OSS via NetConf configures the R1 as “in service” for a customer located at a specific interface (IPv6 address).
3) From now on, the customer is outside the walled garden and can reach other Internet addresses.
OSS
- DHCP - DNS
Initial tunnel
Internet access
- WEB srv.
If Not IPv6, use the network as a PTP Ethernet
21-MAR-2013
© Deutsche Telekom AG, 2013 19
DEPLOYING v6 ONLY – SOME LESSONS LEARNT SO FAR…
! There are still mainstream products that do not have complete IPv6 implementations:
! Transport interfaces tend to have more complete implementations
! Management and control plane functionality may not be so good
! The level of IPv6 testing in shipping products is not on a par with IPv4 – we’ve found some pretty hairy bugs!
! Vendor’s need constant ‘encouragement’ to resolve these problems
! If you are planning any kind of similar rollout, get your requirements fixed
and test well in advance!
NETWORK FUNCTION VIRTUALISATION
“THE INFASTRUCTURE
CLOUD”
21-MAR-2013
© Deutsche Telekom AG, 2013 21
INFRASTRUCTURE CLOUD
NETWORK FUNCTION VIRTUALIZATION
R2
40% of traffic
OTT Apps Self Provisioning
IPv4 Softwire
Network Services (DNS, DHCP)
Video
Business VPN Services
Content
Mobile Core
& Services IMS
12-Sep-2012
© Deutsche Telekom AG, 2012 22
REAL-TIME OSS
12-Sep-2012
© Deutsche Telekom AG, 2012 Axel Clauberg 23
NCS – The Model-Driven Network Abstraction Layer
NCS
Network Engineer Other OSS
Functions
YANG Service Models
YANG Device Models
Two way formal service
mappings • Real-time
• Read-write
• Two phase transactions
• Validations, rollbacks NETCONF, IOS(-XR) CLI, REST, etc
Network CLI, Web UI NETCONF, REST
Internet1 Internet2 VPN
R11 R12
API
Model-Driven Network Abstraction Layer
12-Sep-2012
© Deutsche Telekom AG, 2012 Axel Clauberg 24
NCS in Terastream
Confidential Information | September 29, 2013
R1 R1 R1
R2 R2
N C S
N C S
NCS CLI : EVPL Service over R1 and R2
NCS REST
NCS NETCONF NCS WebUI
Transaction
Define “Services” in a data-model language (Yang)
12-Sep-2012
© Deutsche Telekom AG, 2012 25
TERASTREAM
CROATIA TRIAL
100 Gb/s network using IP and Optical integration
Full integration of Network and Cloud technologies for
service production
Native IPv6 network delivering consumer service
Built in a record time - decision in September, launch on Dec 10th 500 customers with up to Gigabit access speeds
TERASTREAM PILOT SUCCESFULLY LAUNCHED
@ HRVATSKI TELEKOM ON DEC 10, 2012
Agile execution – small cross-functional teams (DT, HT, Cisco, Combis)
Continued development and iterative improvement Technology refinements
New vendors being integrated More customers connected
12-Sep-2012
© Deutsche Telekom AG, 2012 27
10-SEP-2013
© Deutsche Telekom AG, 2013 28
! Radical simplification of the IP network architecture
! Removing the legacy from the core (IPv4, MPLS), improving services
! Optical transmission is integrated into the IP routers using 100G coherent technologies
! Combining network and cloud for scalable service production
! Control using a SDN paradigm – Realtime OSS
TERASTREAM SUMMARY
TeraStream
! Improve user experience, real Internet services to more users
! Use just enough complexity to do the job and no more
! Get the revenue and cost balance right
Benefits
12-Sep-2012
© Deutsche Telekom AG, 2012 29
Questions?
Now you can bring out your tar and feathers and start throwing things at me.. "
"
"
"